From 7d97fcdfb56e5723d7f417375b5c5b1091d6a43c Mon Sep 17 00:00:00 2001 From: Shlomo Heigh Date: Wed, 11 Sep 2024 10:51:48 -0400 Subject: [PATCH 1/5] CNJR-5954: Fix promotion not pushing version without id --- publish-images.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/publish-images.sh b/publish-images.sh index 33faa54549..93c56014e1 100755 --- a/publish-images.sh +++ b/publish-images.sh @@ -132,15 +132,15 @@ if [[ "${PROMOTE}" = true ]]; then readarray -t prefix_versions < <(gen_versions "${VERSION}") for version in latest "${prefix_versions[@]}"; do - echo "Pushing images for tag: $version" - + echo "Pushing images for tag: $version-${ARCH}" + tag_and_push "${version}-${ARCH}" "registry.tld/${IMAGE_NAME}:${LOCAL_TAG}-${ARCH}" "registry.tld/${IMAGE_NAME}" tag_and_push "${version}-${ARCH}" "registry.tld/conjur-ubi:${LOCAL_TAG}-${ARCH}" "registry.tld/conjur-ubi" if [[ "${DOCKERHUB}" ]]; then echo "Pushing to DockerHub" - tag_and_push "${version}" "${LOCAL_IMAGE}" "${IMAGE_NAME}" + tag_and_push "${version}-${ARCH}" "${LOCAL_IMAGE}-${ARCH}" "${IMAGE_NAME}" fi done fi From ebc15ca9cfc1f9892882995b4bda26b951ed2c0f Mon Sep 17 00:00:00 2001 From: Shlomo Heigh Date: Thu, 12 Sep 2024 09:27:55 -0400 Subject: [PATCH 2/5] CNJR-0000: Use Gen1 Gcloud function env Fixes "ERROR: (gcloud.functions.deploy) Invalid value for [--runtime]: python37 is not a supported runtime on GCF 2nd gen. Use `gcloud functions runtimes list` to get a list of available runtimes" error in GCP test --- ci/test_suites/authenticators_gcp/deploy_function.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/test_suites/authenticators_gcp/deploy_function.sh b/ci/test_suites/authenticators_gcp/deploy_function.sh index 2434d51b25..c4b734b50b 100755 --- a/ci/test_suites/authenticators_gcp/deploy_function.sh +++ b/ci/test_suites/authenticators_gcp/deploy_function.sh @@ -68,7 +68,7 @@ deploy_function() { cd "$GCF_SOURCE_DIR" echo "-- Deploying function: $GCF_FUNC_NAME" - gcloud functions deploy "$GCF_FUNC_NAME" --runtime python37 --trigger-http --quiet + gcloud functions deploy "$GCF_FUNC_NAME" --no-gen2 --runtime python37 --trigger-http --quiet echo '-> deploy_function done' } From c40c5d533ef1d9092b8d8e495a3ee87ccb31c5dc Mon Sep 17 00:00:00 2001 From: Shlomo Heigh Date: Fri, 13 Sep 2024 10:03:07 -0400 Subject: [PATCH 3/5] CNJR-5954: Push unified manifest to DockerHub --- Jenkinsfile | 2 +- publish-images.sh | 4 ++-- publish-manifest.sh | 20 ++++++++++++++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 3a897befab..c127595ba6 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -130,7 +130,7 @@ if (params.MODE == "PROMOTE") { summon -f ./secrets.yml ./publish-images.sh --promote --base-version=${sourceVersion} --version=${targetVersion} --arch=arm64 # Promote manifest that links above images - summon -f ./secrets.yml ./publish-manifest.sh --promote --base-version=${sourceVersion} --version=${targetVersion} + summon -f ./secrets.yml ./publish-manifest.sh --promote --dockerhub --base-version=${sourceVersion} --version=${targetVersion} """ // TODO: In talking to Neil King, this likely won't work until conjurops is migrated over diff --git a/publish-images.sh b/publish-images.sh index 93c56014e1..a3fabf257b 100755 --- a/publish-images.sh +++ b/publish-images.sh @@ -150,13 +150,13 @@ if [[ "${REDHAT}" = true ]]; then # Publish only the tag version to the Redhat container registry if docker login "${REDHAT_REGISTRY}" -u "${REDHAT_USER}" -p "${REDHAT_API_KEY}"; then # push image to red hat - tag_and_push "${VERSION}" "${RH_LOCAL_IMAGE}" "${REDHAT_REMOTE_IMAGE}" + tag_and_push "${VERSION}" "${RH_LOCAL_IMAGE}-${ARCH}" "${REDHAT_REMOTE_IMAGE}" # scan image with preflight tool scan_redhat_image "${REDHAT_REMOTE_IMAGE}:${VERSION}" "${REDHAT_CERT_PID}" # push latest tag to RH - tag_and_push "latest" "${RH_LOCAL_IMAGE}" "${REDHAT_REMOTE_IMAGE}" + tag_and_push "latest" "${RH_LOCAL_IMAGE}-${ARCH}" "${REDHAT_REMOTE_IMAGE}" else echo 'Failed to log in to quay.io' exit 1 diff --git a/publish-manifest.sh b/publish-manifest.sh index e0c75a9676..4863e0b1d2 100755 --- a/publish-manifest.sh +++ b/publish-manifest.sh @@ -22,6 +22,7 @@ function print_help() { PUBLISH_EDGE=false PUBLISH_INTERNAL=false PROMOTE=false +DOCKERHUB=false VERSION=$( Date: Mon, 16 Sep 2024 10:05:57 -0400 Subject: [PATCH 4/5] CNJR-5954: Fix Jenkins post promote command --- Jenkinsfile | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index c127595ba6..f449a9adda 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -133,12 +133,8 @@ if (params.MODE == "PROMOTE") { summon -f ./secrets.yml ./publish-manifest.sh --promote --dockerhub --base-version=${sourceVersion} --version=${targetVersion} """ - // TODO: In talking to Neil King, this likely won't work until conjurops is migrated over - // to github enterprise. In the absence of promoting an OSS conjur release, though, we haven't - // tried it since the Conjur repo migrated over. - // Trigger Conjurops build to push newly promoted releases of conjur to ConjurOps Staging build( - job:'../conjurinc--conjurops/master', + job: 'Conjur-Enterprise/Conjur-Enterprise-conjurops/main/Conjur-Enterprise-conjurops-main-full/master', parameters:[ string(name: 'conjur_oss_source_image', value: "cyberark/conjur:${targetVersion}") ], From 3bb1b1bdebddab1a34bb81e85ba437a707ef17ef Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 04:46:06 +0000 Subject: [PATCH 5/5] Bump actionmailer from 6.1.7.8 to 6.1.7.9 Bumps [actionmailer](https://github.com/rails/rails) from 6.1.7.8 to 6.1.7.9. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v7.2.1.1/actionmailer/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v6.1.7.8...v6.1.7.9) --- updated-dependencies: - dependency-name: actionmailer dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 132 +++++++++++++++++++++++++-------------------------- 1 file changed, 66 insertions(+), 66 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ba6847947a..5228690fa4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -16,60 +16,60 @@ PATH GEM remote: https://rubygems.org/ specs: - actioncable (6.1.7.8) - actionpack (= 6.1.7.8) - activesupport (= 6.1.7.8) + actioncable (6.1.7.9) + actionpack (= 6.1.7.9) + activesupport (= 6.1.7.9) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7.8) - actionpack (= 6.1.7.8) - activejob (= 6.1.7.8) - activerecord (= 6.1.7.8) - activestorage (= 6.1.7.8) - activesupport (= 6.1.7.8) + actionmailbox (6.1.7.9) + actionpack (= 6.1.7.9) + activejob (= 6.1.7.9) + activerecord (= 6.1.7.9) + activestorage (= 6.1.7.9) + activesupport (= 6.1.7.9) mail (>= 2.7.1) - actionmailer (6.1.7.8) - actionpack (= 6.1.7.8) - actionview (= 6.1.7.8) - activejob (= 6.1.7.8) - activesupport (= 6.1.7.8) + actionmailer (6.1.7.9) + actionpack (= 6.1.7.9) + actionview (= 6.1.7.9) + activejob (= 6.1.7.9) + activesupport (= 6.1.7.9) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (6.1.7.8) - actionview (= 6.1.7.8) - activesupport (= 6.1.7.8) + actionpack (6.1.7.9) + actionview (= 6.1.7.9) + activesupport (= 6.1.7.9) rack (~> 2.0, >= 2.0.9) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.7.8) - actionpack (= 6.1.7.8) - activerecord (= 6.1.7.8) - activestorage (= 6.1.7.8) - activesupport (= 6.1.7.8) + actiontext (6.1.7.9) + actionpack (= 6.1.7.9) + activerecord (= 6.1.7.9) + activestorage (= 6.1.7.9) + activesupport (= 6.1.7.9) nokogiri (>= 1.8.5) - actionview (6.1.7.8) - activesupport (= 6.1.7.8) + actionview (6.1.7.9) + activesupport (= 6.1.7.9) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.7.8) - activesupport (= 6.1.7.8) + activejob (6.1.7.9) + activesupport (= 6.1.7.9) globalid (>= 0.3.6) - activemodel (6.1.7.8) - activesupport (= 6.1.7.8) - activerecord (6.1.7.8) - activemodel (= 6.1.7.8) - activesupport (= 6.1.7.8) - activestorage (6.1.7.8) - actionpack (= 6.1.7.8) - activejob (= 6.1.7.8) - activerecord (= 6.1.7.8) - activesupport (= 6.1.7.8) + activemodel (6.1.7.9) + activesupport (= 6.1.7.9) + activerecord (6.1.7.9) + activemodel (= 6.1.7.9) + activesupport (= 6.1.7.9) + activestorage (6.1.7.9) + actionpack (= 6.1.7.9) + activejob (= 6.1.7.9) + activerecord (= 6.1.7.9) + activesupport (= 6.1.7.9) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (6.1.7.8) + activesupport (6.1.7.9) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -105,7 +105,7 @@ GEM base58 (0.2.3) bcrypt (3.1.19) bindata (2.4.15) - builder (3.2.4) + builder (3.3.0) byebug (11.1.3) childprocess (4.1.0) ci_reporter (2.1.0) @@ -116,7 +116,7 @@ GEM rspec (>= 2.14, < 4) coderay (1.1.3) command_class (0.0.2) - concurrent-ruby (1.2.3) + concurrent-ruby (1.3.4) conjur-api (5.4.2.pre.638) activesupport (>= 4.2) addressable (~> 2.0) @@ -173,7 +173,7 @@ GEM cucumber-core (~> 10.1, >= 10.1.0) cucumber-cucumber-expressions (~> 14.0, >= 14.0.0) database_cleaner (1.99.0) - date (3.3.3) + date (3.3.4) debase (0.2.5.beta2) debase-ruby_core_source (>= 0.10.12) debase-ruby_core_source (3.3.1) @@ -221,7 +221,7 @@ GEM dry-initializer (~> 3.0) dry-schema (>= 1.12, < 2) zeitwerk (~> 2.6) - erubi (1.12.0) + erubi (1.13.0) event_emitter (0.2.6) eventmachine (1.2.7) excon (0.100.0) @@ -303,19 +303,19 @@ GEM mime-types (3.5.2) mime-types-data (~> 3.2015) mime-types-data (3.2024.0305) - mini_mime (1.1.2) - minitest (5.22.2) + mini_mime (1.1.5) + minitest (5.25.1) multi_json (1.15.0) multi_test (0.1.2) - net-imap (0.3.7) + net-imap (0.4.17) date net-protocol net-ldap (0.18.0) net-pop (0.1.2) net-protocol - net-protocol (0.2.1) + net-protocol (0.2.2) timeout - net-smtp (0.3.3) + net-smtp (0.5.0) net-protocol net-ssh (7.1.0) netrc (0.11.0) @@ -362,7 +362,7 @@ GEM public_suffix (5.0.4) puma (6.4.2) nio4r (~> 2.0) - racc (1.7.1) + racc (1.8.1) rack (2.2.8.1) rack-oauth2 (2.2.0) activesupport @@ -374,26 +374,26 @@ GEM rack-rewrite (1.5.1) rack-test (2.1.0) rack (>= 1.3) - rails (6.1.7.8) - actioncable (= 6.1.7.8) - actionmailbox (= 6.1.7.8) - actionmailer (= 6.1.7.8) - actionpack (= 6.1.7.8) - actiontext (= 6.1.7.8) - actionview (= 6.1.7.8) - activejob (= 6.1.7.8) - activemodel (= 6.1.7.8) - activerecord (= 6.1.7.8) - activestorage (= 6.1.7.8) - activesupport (= 6.1.7.8) + rails (6.1.7.9) + actioncable (= 6.1.7.9) + actionmailbox (= 6.1.7.9) + actionmailer (= 6.1.7.9) + actionpack (= 6.1.7.9) + actiontext (= 6.1.7.9) + actionview (= 6.1.7.9) + activejob (= 6.1.7.9) + activemodel (= 6.1.7.9) + activerecord (= 6.1.7.9) + activestorage (= 6.1.7.9) + activesupport (= 6.1.7.9) bundler (>= 1.15.0) - railties (= 6.1.7.8) + railties (= 6.1.7.9) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) activesupport (>= 5.0.1.rc1) - rails-dom-testing (2.1.1) + rails-dom-testing (2.2.0) activesupport (>= 5.0.0) minitest nokogiri (>= 1.6) @@ -406,9 +406,9 @@ GEM rails_layout (1.0.42) rails_serve_static_assets (0.0.5) rails_stdout_logging (0.0.5) - railties (6.1.7.8) - actionpack (= 6.1.7.8) - activesupport (= 6.1.7.8) + railties (6.1.7.9) + actionpack (= 6.1.7.9) + activesupport (= 6.1.7.9) method_source rake (>= 12.2) thor (~> 1.0) @@ -507,7 +507,7 @@ GEM ffi (~> 1.1) table_print (1.5.7) thor (1.2.2) - timeout (0.4.0) + timeout (0.4.1) tzinfo (2.0.6) concurrent-ruby (~> 1.0) unf (0.1.4) @@ -535,7 +535,7 @@ GEM websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) xdg (2.2.3) - zeitwerk (2.6.13) + zeitwerk (2.7.0) PLATFORMS aarch64-linux